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Amendments to the Claims 

The listing of claims will replace all prior versions, and listings of claims in the 
application. 

1 . (currently amended) A method of providing automated document 
retention for an electronic document documents , said method comprising: 

obtaining an electronic document; 

(a) assigning a document retention policy to the electronic document, the 
document retention policy being based on a recurring cut-off retention schedule; and 

(blcryptographically imposing associating the document retention policy with en 
the electronic document. 

2. (currently amended) A The method as recited in claim 1 , wherein said 
method fmther comprising comprises : 

Dubooquontly determining whether a document retention period for the e lectronic 
document has boon e xceeded; and 

{clcryptographically preventing access to the electronic document in accordance 
with the document retention policy when fee a document retention period for the 
electronic document has been exceeded. 

3. (currently amended) A The method as recited in claim 1 , wherein: 
wh e r e in said imposing op e rat e s to utiliz e step (b) utilizes a cryptographic key to 

impos e associate the document retention policy, and 
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wherein the document retention pohcy specifies a document retention period and 
a cut-off period. 

4. (currently amended) A The method as recited in claim 3, wherein the 
document retention policy specifies a document retention period that expires a 
predetermined period of time after the cut-off period. 

5. (currently amended) A The method as recited in claim 3, wherein the cut- 
off period corresponds to a maximum off-line period of a client. 

6. (currently amended) A The method as recited in claim 1, wherein said 
imposing associating comprises acquiring a cryptographic key firom a server over a 
network, the cryptographic key being used to associate impos e the document retention 
policy. 

7. (currently amended) A The method as recited in claim 6, wherein said 
method furthe r comprisin g comprises : 

dotcrmining wheth e r the document retention period has expired; and 

(c) deactivating the cryptographic key when said det e rmining d e t e rmin e s th at the 

a document retention period has expired, thereby preventing further access to the 

electronic docxxment. 
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8. (currently amended) A The method as recited in claim 7, wherein: 
wherein said imposing associating operates to utilize a cryptographic key to 

impose associate the document retention policy, and 

wherein the document retention pohcy specifies a document retention period and 
a cut-off period. 

9. (currently amended) A The method as recited in claim 8, wherein the 
document retention policy specifies a document retention period that expires a 
predetermined period of time after the cut-off period. 

1 0. (currently amended) A method for periodically providing document 
retention keys to clients of a docum e nt retention syotom via a network , said method 
comprising: 

determining whether a cut-off period for a current or prior document retention 
key has been reached; 

generating a next document retention key to be used to encrypt an electronic 
docum e nts document during a next cut-off period, the next document retention key 
having a document retention period associated therewith; and 

notifying a client any of th e cli e nts that are connected to the network of the next 
document retention key. 

1 1 . (currently amended) A The method as recited in claim 10, wherein said 
method further comprises further comprising : 
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subsequently determining whether the prior document retention key is to be 
deactivated based on the document retention period; and 

deactivating the prior document retention key when said determining determines 
that the prior document retention key is to be deactivated. 

12. (currently amended) A The method as recited in claim 1 1, wherein the 
document retention period is a predetermined duration of time following the end of the 
next cut-off period. 

13, (currently amended) A method for restricting access to an electronic 
document, said method comprising: 

identifying an electronic document to be secured, the electronic document having 
at least a data portion that contains data; 
obtaining a docum e nt key; 

encrypting the a data portion of the an electronic document using the a document 
key to produce an encrypted data portion; 

obtaining using a retention access ke y, the retention acc e ss key b e ing us e d to 
enforc e associate a document retention policy en with the electronic document; 

encrypting the document key using the retention access key to produce an 
encrypted document key, the retention access key enly being usable for said encrypting 
during a cut-off perio d of a recurring cut-off retention schedule : 
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forming a secured electronic document firom at least the encrypted data portion 

and the encrypted document key; and 

storing the secured electronic document. 

14. (currently amended) A The method as recited in claim 13, wherein the 
retention access key is a public retention access key. 

15. (currently amended) A The method as recited in claim 13, wherein the 
document retention policy specifies a document retention period that expires a 
predetermined period of time after the cut-off period. 

16. (currently amended) A method for accessing a secured electronic 
document by a requestor , the secured electronic document having at least a header 
portion and a data portion, said method comprising: 

obtaining a retention access key, the retention access key being used to associate 
enforce a document retention period of a document retention policy en with the 
electronic document, the retention access key being usable enly during the document 
retention period following a cut-off period of a recurring cut-off retention schedule : 

obtaining an encrypted document key from the header portion of the secured 
electronic document; 

decrypting the encrypted document key using the retention access key to produce 
a document key; and 
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decrypting an encrypted data portion of the secured electronic document using 

the document key to produce a data portionj-and 

supplying the data portion to the requ e stor . 

17. (currently amended) A The method as recited in claim 16, wherein the 
retention access key is identified by an indicator within a header portion of the secured 
electronic document. 

18. (currently amended) A The method as recited in claim 1 6, wherein the 
retention access key is a private retention access key. 

19. (currently amended) A The method as recited in claim 16, whereinH^ 
permitted, said obtaining obtains the retention access key being obtained from a server. 

20. (currently amended) A The method as recited in claim 16, wherein the 
document retention period is a predetermined period of time after the occurrence of the 
cut-off period. 

21 . (currently amended) A computer readable medium including at least 
computer program code for providing automat e d document retention for an electronic 
document e lectronic documents , said computer readable medium comprising: 

comput e r program code for obtaining an e l e ctronic document; 
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computer program code for assigning a document retention policy to the 
electronic document, the document retention policy being based on a recurring cut-off 
retention schedule; and 

computer program code for cryptographically associating imposing the document 
retention policy en with the electronic document. 

22. (currently amended) A The computer readable medium as recited in claim 
21, wherein said computer readable medium further comprises: 

computer program code for aubsequcntly determining whether a document 
retention period for the electronic document has b ee n exceeded; and 

computer program code for cryptographically preventing access to the electronic 
document in accordance with the document retention policy when a the document 
retention period for the electronic document has been exceeded. 

23. (currently amended) A The computer readable medium as recited in claim 

21, 

wherein said computer program code for cryptographically associates imposing 
operates to utilize a cryptographic key to associate impose the document retention policy, 
and 

wherein the document retention policy specifies a document retention period and 
a cutoff period. 
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24. (currently amended) A The computer readable medium as recited in claim 
23, wherein the document retention policy specifies a document retention period that 
expires a predetermined period of time after the cut-off period. 

25. (currently amended) A file security system for restricting access to an 
electronic file files, said file security syst e m comprising: 

a key store that stores a plurality of cryptographic key pairs, each of the 
cryptographic key pairs including a public key and a private key, at least one of the 
cryptographic key pairs pertaining to a retention policy, the retention policy having a 
document retention period and a cut-off period; and 

an access manager operatively connected to said key store, said access manager 
malces configured to make available, for each of the cut-off periods, a different one of the 
public keys of the at least one of the cryptographic key pairs, and said access manager 
determines to determine whether the private key of the at least one of the cryptographic 
key pairs pertaining to the retention policy is permitted to be provided to a requestor 
based on whether the document retention period following the cut-off period has expired, 

wherein the requestor requires the private key of the at least one of the 
cryptographic key pairs pertaining to the retention policy to access a secured electronic 
file, and wherein the secured electronic file was previously secured using the public key 
of the at least one of the cryptographic key pairs pertaining to the retention policy, and at 
the time the electronic file was so secured, the public key was within the cut-off period 
and available for use. 



Atty. Dkt. No. 2222.5490000 



